High severity7.5NVD Advisory· Published May 4, 2021· Updated Jun 17, 2026
CVE-2021-3154
CVE-2021-3154
Description
An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481.
Affected products
2- SolarWinds/Serv-Udescription
- Range: <15.2.2
Patches
Vulnerability mechanics
References
1- documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-2-2_release_notes.htmnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.